Security Basics mailing list archives
Re: port 2112
From: "J. Lambrecht" <jl_post () pandora be>
Date: Thu, 7 Aug 2003 00:38:47 +0200
check in portlists for possible trojans at that portnbr., as i remember kerberos is somehow attracting attention to one of it's port. Ehr, thought this had something to do with LDAP or some other similarlylike service. Verify wich services there are running at your host wich is initiating (?) the connections. Eventually verify these with reliable service activity on the machine itself. Do you mean you have no way of doing 'netstat -a' or something ? ----- Original Message ----- From: <Dean_Larson () May-Co com> To: <security-basics () securityfocus com> Sent: Wednesday, August 06, 2003 8:12 PM Subject: port 2112
we have a computer trying to contact a computer on the internet 66.7.244.x on port 2112 /tcp. we've looked at the computer inside our network, but didn't find anything unusual (but we were not able to do a lot of snooping on the computer -- politics). i did a google search on found a few programs running on this port, mostly kerberos related. anyone seen this type of activity also? suggestions? thanks for your help --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- port 2112 Dean_Larson (Aug 06)
- Re: port 2112 J. Lambrecht (Aug 07)
- <Possible follow-ups>
- Re: port 2112 Dean_Larson (Aug 08)